User Privacy Policy for Apna Artist

• Who this policy covers: This Privacy Policy applies to visitors, users, customers, event planners, organisers, business representatives, payment users, support users, and any other persons who access or use Apna Artist through our website, mobile app, forms, landing pages, communication tools, booking flows, and related services.
• What this policy covers: This policy describes how we collect, receive, record, store, use, disclose, protect, retain, and otherwise process personal data and related information.
• Platform channels included: This policy may apply to data collected through online forms, app interfaces, account creation flows, enquiries, bookings, payments, emails, calls, chat support, campaign pages, social media interactions, and customer support systems operated by or for the platform.

Depending on how a user interacts with the platform, we may collect different categories of information necessary for bookings, communication, payments, support, analytics, platform safety, and lawful operations.

• Identity and contact details: Name, mobile number, email address, city, organisation name, business name, event location, and related contact details.
• Booking and event details: Event date, time, venue, budget, performer preference, duration, event type, guest profile, technical requirements, and related booking information.
• Payment and billing information: Payment status, order references, invoice details, transaction identifiers, billing details, refund status, tax-related information, and payment gateway responses. We may receive limited payment-related records even where a third-party processor handles the actual transaction flow.
• Communication records: Email messages, call records or metadata where lawfully maintained, support tickets, chat history, enquiry submissions, complaint submissions, and other communication logs.
• Technical and device information: IP address, browser type, operating system, device information, app usage signals, cookies, log files, analytics data, page interactions, crash signals, and similar technical usage data.
• Documents or verification data: In some situations we may collect or receive identity proof, billing proof, payment proof, business proof, complaint evidence, screenshots, or other supporting documents for verification, support, or legal purposes.

• Directly from the user: When the user fills a form, creates an account, makes an enquiry, places a booking, contacts support, uploads documents, makes a payment, or otherwise communicates with us.
• Automatically through technology: Through cookies, analytics tools, server logs, app events, browser signals, device data, and similar technologies that help us operate and improve the platform.
• From partners or service providers: We may receive limited data from payment processors, hosting providers, analytics vendors, communication tools, customer support systems, or lawful integration partners where relevant to service delivery.
• From publicly available or user-authorised sources: In limited cases, we may collect information from publicly accessible profiles, public event details, or user-authorised third-party interactions when reasonably related to the service.

• Service delivery: To respond to enquiries, match artists and customers, manage bookings, coordinate events, process requests, provide support, and improve user experience.
• Payment and accounting: To confirm transactions, manage invoices, process refunds, verify payment status, prevent transaction abuse, maintain accounting records, and handle applicable taxes and statutory requirements.
• Security and fraud prevention: To detect suspicious activity, prevent misuse, verify users, protect artists and customers, review complaints, and preserve evidence where needed.
• Communication: To send booking updates, confirmations, reminders, support responses, policy notices, customer care messages, and service-related communications.
• Analytics and improvement: To understand platform use, improve pages, measure performance, troubleshoot errors, and optimise features, design, and operations.
• Legal and compliance purposes: To comply with applicable law, court orders, lawful requests, tax duties, regulatory requirements, internal audit needs, dispute handling, and legal defence or enforcement.

• Consent and voluntary submission: Where required, we rely on user consent, including when a user voluntarily submits personal information through forms, account creation, booking steps, payment steps, support channels, or similar user actions.
• Service necessity: We may process information where reasonably necessary to provide requested services, manage bookings, communicate with users, process payments, or perform platform operations connected to a user’s request.
• Legal obligations and lawful purposes: We may process information for lawful compliance, fraud prevention, tax reporting, dispute resolution, evidence preservation, and protection of our platform, artists, customers, and legitimate business interests.
• Fair notice approach: This policy is intended to provide notice regarding the type of data collected, the purpose of use, and the circumstances in which data may be shared or retained.

• Service providers and vendors: We may share limited information with payment processors, hosting partners, communication tools, analytics providers, support tools, cloud providers, technical contractors, and similar operational service providers on a need-to-know basis.
• Artists and booking stakeholders: Where necessary to fulfil a booking or enquiry, relevant user details may be shared with artists, coordinators, or event stakeholders involved in the requested service.
• Compliance and legal protection: We may disclose information where reasonably necessary to comply with law, respond to lawful requests, protect safety, prevent fraud, investigate misuse, preserve evidence, enforce rights, or defend legal claims.
• Corporate restructuring: If the platform is involved in merger, acquisition, restructuring, sale of assets, or similar transaction, personal data may be transferred as part of that business process subject to applicable safeguards.
• No casual sale principle: User data is not intended to be casually sold as open public information or disclosed unnecessarily to unrelated third parties.

• Cookies and similar tools: We may use cookies, session storage, pixels, device identifiers, analytics scripts, and related technologies to operate pages, improve navigation, understand usage patterns, measure campaigns, remember preferences, and enhance user experience.
• Technical necessity: Some cookies or similar technologies may be necessary for page security, login continuity, form functionality, fraud checks, or performance measurement.
• User control: Depending on browser or device settings, users may be able to block or limit cookies, although some features of the platform may not function properly if certain technologies are disabled.

• Reasonable safeguards: We use reasonable administrative, organisational, and technical measures to help protect personal data against unauthorised access, accidental loss, misuse, alteration, disclosure, or destruction.
• Access control: Access to data may be limited to authorised personnel, service providers, or system administrators who require it for service delivery, support, compliance, or security purposes.
• No system is absolutely risk-free: Although we take reasonable precautions, no digital platform, network, database, transmission system, or cloud environment can be guaranteed to be fully immune from risk.

• Retention period basis: We may retain personal data for as long as reasonably necessary for account management, booking records, support, payment reconciliation, dispute resolution, fraud prevention, audit, tax, compliance, and legal defence or enforcement.
• Operational and legal need: Even if a user stops using the platform, some data may be retained where required for lawful compliance, prevention of misuse, record continuity, or pending complaint and payment matters.
• Deletion after necessity ends: Where reasonably practicable and subject to legal, compliance, audit, or security requirements, we may delete, anonymise, archive, or restrict certain data once retention is no longer necessary.

• Access and correction requests: Subject to applicable law and identity verification, users may request access to certain personal data or request correction or updating of inaccurate information.
• Deletion or withdrawal requests: Users may request deletion, withdrawal of consent, or restriction of certain data processing, subject to applicable legal, contractual, operational, security, audit, and record-retention requirements.
• Complaint and grievance support: Users may contact the platform regarding privacy questions, complaints, correction requests, consent withdrawal, deletion requests, or grievances relating to personal data handling.
• Verification may be required: To protect privacy and prevent misuse, we may ask for reasonable verification before acting on a privacy-related request.

• Policy changes: We may update or revise this Privacy Policy from time to time to reflect business changes, legal updates, product updates, security practices, or operational requirements.
• Updated version governs: The latest version published on the platform may apply from the effective date shown or from the date of posting, subject to applicable law.
• Continued use: Continued use of the platform after an updated policy is made available may be treated as acknowledgement of the revised policy to the extent permitted by law.

For privacy-related questions, correction requests, deletion requests, grievance support, or other data concerns, users may contact the platform through its official support details, privacy email, grievance contact, or customer care channel as published on the website or app.

• Users should provide enough information to help identify the request and verify ownership of the relevant account or enquiry.
• The platform may respond within a reasonable period depending on the nature of the request, applicable law, and verification requirements.
• Where legally or operationally necessary, some requests may be limited, delayed, or refused with an appropriate explanation.